Also Read
Here’s what you need to know before working remote results in a full-blown disaster.
Every Wi-Fi device is vulnerable
While all Wi-Fi-enabled devices are affected by the flaw, Android smartphones and Linux computers are most vulnerable to a particularly devastating variant of the attack.
The most effective attack was used against “clients,” not access points (like your home router), but you should still avoid connecting to public Wi-Fi services. The attack, dubbed “KRACK,” is only effective if the hacker is in proximity to your device, so you’re likely more safe at home or at work. But popular areas for public Wi-Fi, like your local coffee shop or airport, remain at risk.
Not only do these networks allow access without authentication, but there is also the uncertainty that the equipment providing the connection is outdated and, therefore, unsecure. There’s virtually no way of knowing if a public access point has received the necessary updates to fix the KRACK flaw or whether those updates were ever installed.
Also Read
None of the online guides for safely browsing public Wi-Fi will save you from this latest vulnerability. We recommend staying away from public Wi-Fi until your devices receive software updates that fix the issue. If you’re not sure, search your device’s manufacturer to see if they’ve released a statement on the matter or created a support page with links on how to update your device’s Wi-Fi security. Until then, use cellular networks when possible or connect your gadgets directly to a router to bypass the wireless protocol.
The good news is that you don’t need to rely on businesses and venues to update the firmware on their routers. The security researchers who discovered KRACK, Mathy Vanhoef, explained here.
“No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access points sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks.”
Even without KRACK, public Wi-Fi is considered extremely insecure. To bolster your defenses, you should always use a virtual private network (VPN) when connecting to a public Wi-Fi access point. A VPN will encrypt your traffic and give you an added layer of protection.
Consider the following seven security tips to keep prying eyes out of your devices:
Don’t use public Wi-Fi to shop online, log in to your financial institution, or access other sensitive sites — ever
Use a Virtual Private Network, or VPN, to create a network-within-a-network, keeping everything you do encrypted
Implement two-factor authentication when logging into sensitive sites, so even if malicious individuals have the passwords to your bank, social media, or email, they won’t be able to log in
Only visit websites with HTTPS encryption when in public places, as opposed to lesser-protected HTTP addresses
Turn off the automatic Wi-Fi connectivity feature on your phone, so it won’t automatically seek out hotspots
Monitor your Bluetooth connection when in public places to ensure others are not intercepting your transfer of data
Buy an unlimited data plan for your device and stop using public Wi-Fi altogether
The more you take your chances with a free network connection, the greater the likelihood that you will suffer some type of security breach. There is a saying in the cybersecurity industry that there are three types of people in the world: those who have been hacked, those who will be hacked, and those who are being hacked right now and just don’t know it yet. The better you protect yourself, the greater your chances of minimizing the potential damage. Remember: Falling victim to public Wi-Fi’s dangers is a question of when, not if.
Also Read
.jpg)
No comments:
Post a Comment